each blockchain user, upon successful registration, assigns a public/private key pair, e.g., the user's public/private key pair (pk, sk) is generated based on an elliptic curve cryptography ECC algorithm. The public key is public and the private key is kept by the user himself.

ECC allows users to decrypt their files without the involvement of any key generation center or third party. At the same time, a signature key pair (spk, ssk) is generated using the digital signature algorithm ECDSA. At data streaming time, the sender signs ssk on the data file block and is verified by the receiver using spk.

Step S205, establishing metadata of each data file block, and encrypting the metadata by using a public key P1 of a data owner DO to generate a metadata ciphertext;

the metadata comprises lightweight data including the name of the data file block, the position of the cloud storage node, a key ciphertext, a Hash value and the URL address of the copy; and the metadata stored in the block chain corresponds to the data file blocks stored in the cloud one by one according to the positions of the cloud storage nodes. This relationship may be obtained by decrypting the metadata ciphertext.

Step S206, the metadata ciphertext is linked to the block chain for storage.

Specifically, the metadata ciphertext is circulated by a transaction mechanism of the blockchain and randomly stored on a node of the P2P network of the blockchain.

In the block chain structure shown in fig. 4, taking the contract file as an example, we only store the metadata of the data file, rather than storing the data file itself in the block chain. Because the block chain is highly redundant, the method can save a large amount of memory space for users, improve the operation speed and is safer. Even if an attacker intercepts the transaction data, the original contract data cannot be acquired. In our architecture, what is recorded on the blockchain is not a transaction in the traditional sense, but rather a process where metadata is streamed from one party to the other, again with a timestamp. Therefore, when a user wants to update a data file, only a new transaction needs to be initiated; likewise, when a user reviews a data file, only the latest transaction associated therewith needs to be reviewed, as it is the final state of the data file. When a user needs to verify their data, the transaction records can be traced back from the blockchain according to the identity information, and then their data can be verified through the file locations recorded on the blockchain.

Further, integrity verification is performed on the metadata ciphertext by using the Melkle tree.

As shown in fig. 5, the Melkle tree is computed from SHA256 one-way hashes, while SHA2562 is two SHA256 operations. The Melkle tree is first constructed by pairing data, i.e. the bottommost leaf node Ti. In bitcoin systems Ti generally refers to transactions, while in our system we refer to the process of streaming metadata from DO to DU. And h (Ti) is obtained after the hash operation, then pairwise matching and hash are carried out again, and the hash is carried out upwards one layer by one layer until the final calculation result, namely the Melkle tree root, is obtained. In the tree, each leaf node containing contract information may be verified through its corresponding path. By comparing their Melkle tree roots, we can know whether the contract metadata in the leaf nodes has been tampered with.

SHA256 outputs any input as a 256-bit string that is irreversible and with slight changes in input, the output will change significantly. As known from the calculation process, the Melkle root stores the information related to all the contract file blocks, so the integrity verification of the contract files only needs to verify the Melkle root, and the calculation cost is very low.

Further, the fault-tolerant processing of the metadata ciphertext is carried out by using a redundant file copy mode.

In order to ensure the reliability and performance of the architecture, a random storage strategy is adopted to store contract file blocks on nodes of the P2P network, and redundant file copies are used to realize a fault tolerance mechanism. Similarly, the contract document copies are encrypted before being uploaded, and the number of the contract document copies is determined by the number of the contract document blocks and the document copy placement policy (which is generally fixed). The file and the copies thereof are stored in a data center or a server in a triplicate manner, wherein the first copy is placed on a data node for uploading the file, and if the file is submitted outside a cluster, a node with a less busy disk, a less busy memory and a less busy CPU is randomly selected for storage; the second copy is placed on a node on a different chassis than the first copy; the third copy is placed on an adjacent node of the same chassis as the second copy. For security, contract file blocks and their copies are randomly placed around the user node so that a malicious attacker has little access to all of the chunks of the contract file.

Fig. 6 is a schematic diagram of the overall architecture of blockchain + cloud storage, i.e., a blockchain-based distributed cloud storage architecture, according to the embodiment.

Furthermore, cloud and block chain interaction is carried out by using the intelligent contract, so that cloud data and data on the block chain are ensured to be consistent.

The intelligent contract is used to store the encrypted key index and some related data and complete the retrieval operation to ensure the privacy of the user data. In the contract-making stage, the contract-initiating party is the Data Owner (Data Owner, DO) and the contract-receiving party is the Data User (DU), and this identity may change at any time during the contract-signing process (because new Data is continuously generated). The intelligent contracts of contract data interaction are divided into two types which are respectively used for sharing contract data and using the contract data. The former is deployed by a contract drafter and is sent to a contract receiver, so that contract data transfer is completed; the latter is issued by contract receiver for contract signing, searching and checking, and all process data are stored in intelligent contract.

1. Add user AddUser

Because we adopt the architecture of the federation chain and implement membership system for user management, only the administrator of the federation chain has the authority to execute the AddUser function (whether the AddUser function is executed or not can be decided by voting of the members of the federation chain). Firstly, a user initiates a request for adding a new user to an administrator, the administrator receives and verifies the identity certificate information of the user to be added through an encryption channel, and after verification is successful, a alliance chain account is authorized to the user through the function and public and private keys are distributed.

2. Deleting a user Removeuser

Only the federation chain administrator has authority to perform this function. When a user needs to be deleted, the administrator deletes the user's alliance chain account from the authorized account list through the function.

3. Adding index AddIndex to contract document

Only the contractual originator has the right to perform the function. When the drafter uploads a new contract document, he needs to select a keyword list from each document and build an encryption keyword index, and store it into the intelligent contract.

4. Deleting a contract document DeleteFile

Only the contractual originator has the right to perform the function. When the DO deletes a certain contract file, it is necessary to provide the encryption key index and the transaction ID of the file.

5. Delete keyword DeleteKeyword

Only the contractual originator has the right to perform the function. When a certain key word of the contract document needs to be deleted, an index of the key word needs to be provided.

6. Search

This function can only be performed by the contractual drafts or centrally authorized users. The user retrieves through the encrypted keyword Index keyworkindex and the function returns the transaction list TxID and the associated keyword list Index. When the retrieval initiator is an authorized user, before retrieval, whether the user balance is $ msg.value is enough to pay for the retrieval, and after the retrieval is successful, the retrieval cost $ cost is deducted from the user wallet.

Only the contractual originator has the right to perform the function. After performing this function, the DO returns the contract-related search fee to the user.

8. Sending contract metadata to designated users

Only the contractual originator has the right to perform the function. And encrypting the contract metadata and sending the encrypted contract metadata to a specified user.

9. Receiving contract metadata ReceiveContract

This function can only be performed by the contract recipient for reading the contract metadata. After successful reception, the DU can also retrieve contract data locally, and others cannot view the process.

10. Data search for data inspection

Only the contract recipient has the right to perform the function. And calling a Search function through the encrypted keyword index KeywordIndex to acquire and store a retrieval result in an intelligent contract of a contract receiving party.

11. Value Deposit into Deposit

This function is used to credit value consumed for data sharing and retrieval into the account wallet.

Specifically, the data sharing of this embodiment adopts a proxy re-encryption technique, and the data owner only needs to provide the data location and the newly set decryption key when sharing data; and the data receiver downloads the updated ciphertext from the corresponding position and then decrypts the ciphertext. As shown in fig. 7, the steps are as follows:

step S701, the data owner DO sends a metadata access request to the block chain, and after the request passes, the data owner DO downloads a metadata ciphertext, wherein the metadata ciphertext is the metadata ciphertext encrypted by the data owner DO through a public key of the data owner DO; the data owner DO decrypts the metadata ciphertext by using a private key P2 of the data owner DO to obtain a first key and the storage position number of the block data file;

the block chain in this embodiment is a federation chain, the data owner DO sends a metadata access request to the federation chain, and the federation nodes pass the metadata access request by voting.

Step S702, the data owner DO encrypts the first key to generate a second key, and then encrypts the second key and the first key to generate a third key for re-encryption;

the data owner DO encrypts the first key S to randomly generate another 64-bit random symmetric key, the second key S', and the random algorithm core can be specified by the user, so as to improve the security. The data owner DO uses the conversion key generation function to generate a third key from the first key S and the second key S' as a conversion encryption key K for proxy re-encryption;

step S703, the data owner DO transmits the third key K to the file storage position node through the secure channel, and encrypts the block data file ciphertext in the storage node again, wherein the obtained ciphertext is called as a re-encrypted ciphertext;

step S704, the data owner DO sends the re-encrypted ciphertext to the data sharing node;

the data sharing node is randomly selected for the data owner DO.

Step S705, the data owner DO shares the second key S and the location of the data sharing node to the data user DU through the secure channel;

step S706, the DU downloads the re-encrypted ciphertext from the data sharing node, and decrypts the re-encrypted ciphertext by using the second key to obtain the plaintext information of the data file block.

In summary, in the method for cooperatively sharing the blockchain and the cloud data disclosed in this embodiment, the access manner of the data is to use a storage architecture of the blockchain and the cloud, store the lightweight metadata on the blockchain, store the original file on the cloud, expand the storage capacity of the blockchain, and improve the consensus efficiency; data interaction under the chain link is realized, and the consistency of data is ensured; and the safe sharing of cloud data protects the data privacy during data sharing and transmission.

The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention.

Claims

1. A method for cooperatively sharing a block chain and cloud data is characterized by comprising the following steps:

2. The method of claim 1, wherein the storing the encrypted ciphertext of the original data file in the cloud comprises:

dividing a data original file into data file blocks with the same size;

storing the block data file ciphertext into a data storage node of a cloud;

and linking the metadata ciphertext to a block chain for storage.

3. The method of claim 2, wherein the metadata comprises lightweight data including a name of a data file block, a cloud storage node location, a key cryptogram, a Hash value, and a URL address of a copy; and the metadata stored in the block chain corresponds to the data file blocks stored in the cloud one by one according to the positions of the cloud storage nodes.

4. The method of claim 2, wherein the proxy re-encrypting the ciphertext comprises:

5. The method of claim 2, wherein the second key is a symmetric key generated by the data owner DO by encrypting according to the first key by using a random algorithm, and a core of the random algorithm is specified by the data owner DO.

6. The method of claim 2, wherein the data sharing node is randomly selected by a data owner DO.

7. The method for cooperatively sharing blockchain and cloud data according to any one of claims 1 to 6, wherein the metadata ciphertext is circulated in a transaction mechanism of the blockchain and is randomly stored on a node of a P2P network of the blockchain.

8. The method for cooperatively sharing a blockchain and cloud data according to any one of claims 1 to 6, further comprising performing integrity verification on a metadata ciphertext by using a Melkle tree.

9. The method for cooperatively sharing the blockchain and the cloud data according to any one of claims 1 to 6, further comprising performing fault-tolerant processing on a metadata ciphertext by using a redundant file copy manner.

10. The method for cooperatively sharing blockchain and cloud data according to any one of claims 1 to 6, further comprising performing cloud and blockchain interaction by using a smart contract, so that the cloud data and the data on the blockchain are consistent.